Wednesday, March 31, 2010

Virtualization and Storage

My storage
As I go through the process of building my virtualized environment, one of my key considerations is storage. We are leaning towards a terabyte SAN storage device to improve the speed of back ups and virtual machines (VMS) can be moved faster.  The ability to quickly deploy  VMS is the key to quick disaster recovery.

System Management
To ease the management of VMS you should create VMS IDs. The use of VMS IDs  allows for control of mobility from server to server and enforce policies automatically. The management tool for Vmware VMS is hypervisor. Management tools become critical because VMS are moved to different servers and taken off line which makes management tricky.

In addition to managing VMS, you must successfully manage all of your licensing. Licensing has been traditionally been tied to per user or per CPU based pricing, but this model does not work with virtual machines. Many vendors must update their licensing models to account for VMS. VMS builds must be accurately tracked to control additional licensing cost associated with OS instances and applications.

Security in a virtual environment is key as the challenges and stakes are high. Any management tools such as hypervisor must be secured properly to protect VMS that ride below. Additionally all your SAN builds become critical as the house all VMS.

Once you have your virtual environment up and running you can decommission servers that have been replaced with VMS. This ultimately saves on power, cooling, and management costs. If you were ever to decommission a virtual server, you would have to find it; and justify the reasoning.

As Virtualization becomes a reality, the key components that need to be monitored are: application availability, resource utilization and allocation, security, storage, and redundancy.  The journey has began and is well worth it.

Monday, March 29, 2010

Virtualization Planning -- disaster recovery and power

I have been reviewing a Virtualization plan for the last 12 - 18 months and I getting close to implementation. The key goals of the Virtualization plan are: consolidation of servers, disaster recovery, reduced power consumption, and fault tolerance.

Virtualization is attractive because it reduces sprawl. The key component of Virtualization is the deployment of virtual machines. Licensing of software running on each virtual machine must be managed and in compliance.As all o the corporate servers become virtualized, down time and disaster recovery become more efficient and cost effective.

Lines of management of virtual servers can become blurred as far as who CIO, CTO, data center, systems manager takes ownership. It seems to be dependent on who is making the decisions regarding deployment.

My current Virtualization plan is as follows: assessment of current resource utilization patterns, security implications, internal and external service requirements, and business disaster recovery plans.

I am in the process of testing Virtualization and determine which technology to use base on cost effectiveness (VMS or Hyper V). Since VMS is the most mature product and easily deployed, I probably will start on this track. When VMware and virtual machines where first deployed there were basic issues with vendors related to licensing, compliance, reliability and performance. During the testing and deployment phase, each of these aspects must be reviewed and responsibility for virtual machines (VMS) must be determined. In some organizations the responsibility for VMS does not fall under I.T., but business managers or some other non-technical discipline.  I am in the process of deploying a test virtual server in my environment. Stay tuned as I update my progress!

Sunday, March 28, 2010

Digital Crime scene forensics and Computer espionage

Computer digital forensics is an emerging field of science to help track and capture cyber criminals. Now that social media sites and the web are a part of our daily life, protecting and securing cyberspace has taken on greater importance.

Computer forensics uses scientific methods to solve questions related to law and computer hacking and possible espionage. Since computer and technology evolves so quickly, it is very difficult for security experts and law enforcement to standarize digital forensic tools and procedures.

All of the computer data and various technologies flow over computer networks which requires network forensics. To improve network security and prevent cyber crime, data and evidence that passes over the network must be analyzed using network forensic tools and procedures.

In the years to come solving computer related crimes will require computer and network forensics and this data will be common component of trail cases. Developing techniques and standards to handle this data is vital to security and fairness of the judicial system.

Network security and cyber crime prevention is tied to collecting and analyzing  network data. This is a difficult task as the data typically resides on internet service providers  servers. In many case you need a sapena  to get access to data.  Many companies are implementing out bound content monitors so they can analyze data that is leaving their network.

In the legal system, the dilemmas revolves around who owns the data, which is  considered evidence.  Creating standards for network forensics and evidence gathering could solve wide ranging legal issues. Currently, security experts and developers are designing software and hardware solutions that will improve overall computer forensic sciences.

Even though a de-facto forensic standard has not been developed, there are some reasonably good  data forensic best practices:
     Best Practice                        Standardization issues

  1. Preservation                       How is the data preserved (media) and by who
  2. Identification                      What tools should be used to identify data (suspicion)
  3. Extraction                          How accurate is the data being extracted (purpose)
  4. Documentation                   How are finding documented and archived (quantity)
  5. Interpretation                    How is the data interpreted and by who (technology)
While researchers and developer create new software solutions, there are no concrete standard to test against. Typically the National Institute of Standards and Technology (NIST) creates standards to test tools used for network forensics, but there has been no clear definition of what forensic tools should do.

As new network forensic tools emerge (commercial and fee) manufacturers and developers should partner with standards organization such as (NIST), to create functional standards for network forensics. Standardized tools and methods will allow researches, security experts, legal professionals to use forensic tools prevent and monitor various security breaches and computer crimes.

Tuesday, March 23, 2010

Health Care Universally Good or Bad, is the hype real

Health Care is both good and bad depending on who you are speaking to or about. I would tend to think, if you currently have health insurance you feel Universal Health Care is bad because the cost of your insurance will increase. If you do not have health insurance or are having a difficult time paying for health insurance, Universal health care is good. I myself fall into the group of people who are concerned that health cost are going to increase.

Knowing some of the facts of the  plan may allow us to determine how the plan may help us. First, I will review the projected cost. As health care is phased in, a surtax will be assessed against the wealthiest Americans making over $500,000 per year. The surtax will be 5.4% income tax for individuals in this tax bracket.  The surtax will be eventually charged to a greater percentage of the American population.

For many people including the wealthy, any new taxes are bad news.  One solution is to get rid of the surtax and find additional ways to fund health care including a carbon tax. A carbon tax is an environmental tax on emissions of CO2.

There has been confusion on how employee base health care would be managed in relation to health care exchanges.  In economic theory,  both employee based health care and exchanges would compete to get insurance coverage, resulting in greater competition; therefore, lowing cost. It is true that both health care coverages are subsidized (employer / government) currently at the tune of 200 billion per year.

Some of the major issues with the health care bill are related to health exchanges. Health exchanges allow for individuals to pool resources to shop for insurance coverage. The exchanges purpose is to make insurance affordable to individuals and small business including a public plan. The regulations related to exchange plans are very strict and limit individual choice. These restrictions seem to benefit the insurance companies in regards to require the purchase of more expensive plans. There should be a push to allow insurers to cut prices if they can offer a more attractive package.

Some forced coverages can have a negative affect on small and medium size businesses. The health care bill required business with payrolls in excess of $500,000 to purchase health insurance for their workers of face a  $2,000 per worker fine. Since most employees have to purchase their own insurance, in most cases with help form their employer, this fine is very steep.

Regardless of what party you belong to,  the plan is workable and helps more than it hinders people.  All of the hysteria in the media and within the GOP is way blown out of proportion. The health care legislation can be used to strengthen the country and the American people as opposed to destroying the country as some have said.

Even some GOP supporters have said, it time for the republicans to get real and move forward. I feell reasonably comfortable the Health Care bill is good for the country!

Monday, March 22, 2010

Perimeter security -- Pearly Gates

The goal of ultimate security is to keep unathorized or intruders outside of a secured area.  Security experts traditionally has focused on perimeter security such as gates, guards, video, firewalls, to prevent undesireable from getting in.

Since security has become more disperse and threats have changed in nature, the focus has become more than just the perimeter.

In todays environment the threat of a security breach is: equally likely from an external or internal source. Typically an internal breach will occur when some one's credentails or idenity is stolen. Organizations and associated facilities must prepare for unauthorize access with in the preimeter security.

To enforce security measures and protect consumers data, federal cybersecurity and senate Judiciary committee has imposed data security programs.  The new security model has evolved into a data centric security or focusing on the value of data and the potential fall out if the data is compromised.

To increase security, the focus becomes who and what process gets access to critical data. The level of protection correlates to quantified risk of breach. The goal of all orgizations is to properly secure sensative data and minimize risk of potential data breach. I will review various technologies that are being used to protect your data in cyberspace. Stay tuned...............

Wednesday, March 17, 2010

Top 25 Technology innovations that have changed our live

11. iPhone / iPod --  The iPhone is considered the catalysis for changing the smartphone market for the better. We can know say we have great mobile devices.
12. Mac OS X -- build on Unix and has raised the bar for innovation in operating systems
13. Multi-core Processors -- The new PC generation is based on multi-core processor for under $1000 comes with tremendous speed and performance. This is a must for next PC purchase.
14. Netbooks -- we finally have a notebook that is small in size, decent capabilities, and low prices. -- loosened up the monopoly and opened up document formatting standard
16. POE -- Power over Ethernet,  ability to power VOIP phones, access points, and appliances with out need for wall outlet power. -- one of the first virtual enterprise customer resource management systems
18. Social Networks "Facebook" has had a profound effect on the way people and businesses connect and communicate.
19. Palm Treo -- for bearer of today's smart phones.
20. Twitter -- changing the way we communicate
21.Red Hat Linux -- stormed business and took hold in the enterprise environment.
22. VMware --  vitualization done in simple terms allowing enterprise class virtula servers running on servers using very little hardware.
23. VOIP Skype, SIP -- Skype allows for cheap voice calls over internet via PC, while SIP signaling allowed for wide spread adoption.
24 Solaris 10 -- leading edge of OS technology including virtualization and 64 bit architecture and  open source strategy.
25 XP --  The desk top operating system of the decade.

Tuesday, March 16, 2010

Technologies that changed the decade and some live

Every decade new technologies have been developed that improve business and quality of life. Over the last decade there have been some great improvements in technology, here is a list of some:
  1. 3G Broadband -- gives us the ability to access the Internet any where in the U.S. and Europe. Carriers use (UMTS / EVDO) standard which allows smartphone, laptops to get internet access any where.
  2. 802.11G wireless networking protocol allows for the transfer of large files to other systems on the same wireless network. If you are installing a wireless network, make sure it is 802.11G.  802.11G has allowed for the spread of WI-FI to most public venues.
  3. AJAX standard scripts for building web appliation technologies. I need to build AJAX to create attractive and interactive web based graphical user interfaces that do no require plug in or extensions that work with most browsers
  4. Amazon EC2 -- rolling out cloud-computing platform, Amazon's Elastic Compute Cloud, business are capable of running their operations on EC2
  5. AMD64 -- AMD builds 64 bit platfrom that has become main stream.
  6. Blackberry -- mobile device build around business, resulting  in the term "Crackberry"
  7. Blade Servers -- rack mount servers consoladating space and cooling.
  8. FireFox -- Mozilla forced browser innovation, resulting in more and better choices
  9. Bluetooth -- wireless innovation allowing us to go hands free.
  10. Google Apps / Gmail  provides features, convience and reliability for many businesses.
Many of us use these technologies in are daily lives to be more productive. Implementing and customizing these technologies can be very benefical for business and their employees.

Sunday, March 14, 2010

Digital data and tracking lives

Every one through out the U.S. has a digital I.D. Tracking I.D.s related to law enforcement uses three primary databases FBI's Integrated Automated Fingerprint ID system (IAFIS), the DHS's IDENT fingerprint  database of 90 million foreign nationals. ghather from vista applications, and the Departmment of Defense Automated Biometeric Identification sytem (ABIS) monitoring  foreignation and military combtants.

All of these database are GJXDM compaint to share data, the over all goal is to update all databaseos t support NIEM standard. This would allow for data exchange  outside of law enforcement and allow for next generation of IAFIS and ABIS  to incorporate  facail and iris recongination capabilities.

Database over view:
Department of Justice / FBI /Crimial Justice / Information Service (CJIS)
Inegrated Automated Fingerprint ID system: ID 55 million people, mugs shot and fingerprints (10), terrorist watch list

Next Generation ID system:
IAFIS add palm, face, iris recognition, photo searching ability
National Crime Information center database  (NCIC)-- 20 million records, crime, gangs, terriorist organization, missing and wanted people
Law Enforcement National Data Exchange -- correlation of criminal incidenent reports

Department of Defense -- Automated Biometric ID system 2.4 million records on foreign nationals -- finger prints, face and iris biometeric data

Department of Homeland Security --  Vistor and Immigrant status Indicator Technology (US-VISIT)
IDENT Automated Biometeric ID system -- ID 90 million nationals, ID checks at the border

Upgrading, installing,  and training 100,000  of system require great project management skills and  great system engineers. Making a difficult job of law enforcement easier or more effective is key, integrated systems should help keep the law abiding citizens safe. Good bless you and America!

Big Brother and Big Business

Saturday, March 13, 2010

Sharing are digital lives and data -- holding it's weight in gold

In today's digital world, we have the ability to share the most intimate details of our lives via, photos, videos, blogs, tweets, Facebook pages. All of your data is being shared and stored in Cyber space on Facebook, Twitter, Blogger, etc. For many of us, this is a great thing and enriches our lives.

The internet and specifically the computer was designed to share data for collaboration by the department of defense. Sharing expertise and information across boundaries  can make you and your organization more successful.

A great case study in information sharing is law enforcement handling of 911 data. Since 911 failures in handling data, the federal government has implemented better processes for capturing, storing, and sharing data. The biggest challenges in law enforcement is track and identifying terrorist / criminals via information gathering.  Once this is completed, investigators need access  to incident reports across many agencies nationwide.

Improving data sharing among all these agencies has improved by developing Global justice XML (GJXDM) data model.  XML helps provide a standard for common vocabulary and structure to exchange data among law enforcement databases.

To improve data sharing across the country, the US department of defense and home land security built the National information exchange model which was an extension of GJXDM. Data sharing has now become more efficient with in  area of public safety, intelligence, homeland security, and emergency and disaster management.

To over come data sharing limitation among disperse system, computer to computer data exchange as been developed using web services or service orientated architectures. To track potential criminals, all agencies keep identity databases. Many of these database are not NIEM-compliant, but are in the process of being upgrade.

One of the major consideration in managing data, is your digital identity. Managing your digital brand has become a hot topic and possible revenue generator.  Come back soon to see the completion of the study and how it can affect our lives.

Is Customer Service a dirty work? Probably not for these companies

The listed companies below got the highest vendor rating in a national publication. This favorable rating should drive some business to these companies. What are these companies doing right to receive such high praise? I will be reviewing how these companies to see how they can help you and my firm Jbrock Consulting

  1. Contact Center -- Genesys Telecommunications
  2. Web Self Service -- Rignt Now Tehcnologies
  3. Workforce Optimization  -- Verint systems
  4. Feedback Management -- Allegiance
  5. OutSourcing -- Convergys
Looking for some type of data analysis that shows customer satisfaction / loyality is key to repeat business. Surely this is true, but how can you maxmize and turn into new sales?  Business development is key to generating income!

Thursday, March 11, 2010

Going Green and Virtualiztion technology

  Go Green thus Virtualizing servers is one of the hostest technologies because it reduces administrtive costs and engery costs.

Typcially, vendors who specialized in Virtualization over sell by teling customers you can host 100 vitrual machines on a virtual server. If a virtual server is hostisng to many virtual machines in a production environement, over loading can result in poor performance and possbile outages.

The typical  consoladation is 6.1 in regards to database, ERP,  and mission critical email. Typically over consolidation helps the budgetary numbers but adversely affect performance.

When specing out virtual servers, you must consider bandwidth usage, memory, CPU, and storage requirements. Even the best performing two quad-core processors experience botltlenecks and peformance hits due to highly transactional applications.

Planning our vitualization involved:
  1.  Capacity Analysis -  VMware tools have the ability to perform indepth capacity anlysis that monitor server hardware utilization. What resources can a server contribute to the virtual pool?  With vitual servers you must monitor and manage RAM and CPU spikes and look for  performance degeradation. The key is to create balance work loads among all of the vitual servers.
  2. Monitor Peformance Continuoulsy --  Typically you monitor RAM usage, but any I/O  problems must be addressed quickly. Many virtaul users will monitor  reads / writes to disk  to see disk performance.
  3. Test all applications -- test all mission critical applications before and after deployment. You must spread out similar work loads among different servers so they will not be fighting for resource. Split up web servers, email servers, file servers to manage demand. To make sure your environement works the best, take into consideration peak usage times to know resource demands. The typical testing phase will last at least one month.
  4. Develop bench marks -- trying getting in contact with similar orginations that have virtualized to compare key statistics related to virtualization project.

Wednesday, March 10, 2010

New Hot I.T Skills

  1. Virtualization -- the new I.T. infrastructure
  2. Service Managment -- Support customers in regional cloud
  3. Unified Computing -- the ability to manage all aspecting of communication (voice, data, email)
  4. Go Green -- deploying green technology
  5. Communication -- Basic good people skills
  6. Resource management -- managing I.T. and facilities with data center
  7. Engineering -- edge networking, equipment management, various system
  8. Network -- configuration, hardware, and security
  9. Financial analysis -- application and technology economices
  10. Project management -- ability to complete project on time with in budget
Always striving to sharpen my skills and manage up coming projects!

Monday, March 8, 2010

Corporate Inclusion and I.T. relations

In the coporate world, minorities and women are under represented in certain fields and especially in Information Technology ("I.T.").

In an effort to reconginze minorities in I.T. and promote advancement.  I am looking at the group B.I.T or  Blacks in Technolgy  (web site Blacks In Technolgy).

Greg Greenlee and Ronnie Hash developed B.I.T community to motivate and inspire African Americans to pursue careers in technology.

B.I.T is a social networking group that has the outward goal of  driving individaul growth, developement, and sustained success in the field of infromation technology.

We as the American consumers and work force, need to work together to develop systems that work for us and benefits us indivually and as a nation.  I commend the postive work  B.I.T is doing, especailly in the sense of helping others.

Monday, March 1, 2010

Minority Stake in Infromation Technology Management

Many minorities have made significant contrubtions to Information Technology field. Many have started their own companies and climbed the corporate latter via hard work and dedication. Every one can find inspiration from some one succeeding by over coming obstacles and hurdles to find happiness and success.

IBM has been in the fore front of promoting minorities in to the management ranks. I applaud IBM's for it's diveristy efforts lead by Ron Glover (VP) of diveristy  at IBM. IBM has the highest amount of blacks in senior manage positions.

IBM has been committeed to building a diverse work force which reflect it's customer base it serves through 170 countries. The focus is about opportunity for all and eliminating barriers to success. May the path of opportunity lay in front of you, that you may follow it to happiness and success.

There are many companies and inviduals who have made I.T. accessible to all who are willing to work hard to become success. I would some day like to meet some of these I.T. leaders.